CVE-2010-4111

Exp

Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 2010-12-22 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2010-4111 is rated High Exploit Risk (60.2/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.80%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.48% over the last day, indicating growing attacker interest. Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2010-4111

EDB-ID Source Kind Published Link
35116 exploit_db edb 2010-12-15 Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2010-4111

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.32% 1.80% +1.48%
2 2026-05-15 0.36% 0.32% -0.04%
3 2025-11-04 0.36%

Full EPSS history (13 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2010-4111

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:N)
No availability impact.
8.6 2.9 [email protected]

Weakness enumeration for CVE-2010-4111

Affected software / configurations for CVE-2010-4111

Vendor Product Version Raw CPE
hp insight_diagnostics <= 8.5.0.3625 cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*
hp insight_diagnostics 6.3.0.878 cpe:2.3:a:hp:insight_diagnostics:6.3.0.878:*:online:*:*:*:*:*
hp insight_diagnostics 6.3.1.887 cpe:2.3:a:hp:insight_diagnostics:6.3.1.887:*:online:*:*:*:*:*
hp insight_diagnostics 7.0.0.1198 cpe:2.3:a:hp:insight_diagnostics:7.0.0.1198:*:online:*:*:*:*:*
hp insight_diagnostics 7.0.1.1219 cpe:2.3:a:hp:insight_diagnostics:7.0.1.1219:*:online:*:*:*:*:*
hp insight_diagnostics 7.4.0.1570 cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:*:online:*:*:*:*:*
hp insight_diagnostics 7.5.0.1679 cpe:2.3:a:hp:insight_diagnostics:7.5.0.1679:*:online:*:*:*:*:*
hp insight_diagnostics 7.5.5.1681 cpe:2.3:a:hp:insight_diagnostics:7.5.5.1681:*:online:*:*:*:*:*
hp insight_diagnostics 7.6.0.1984 cpe:2.3:a:hp:insight_diagnostics:7.6.0.1984:*:online:*:*:*:*:*
hp insight_diagnostics 7.7.0.2112 cpe:2.3:a:hp:insight_diagnostics:7.7.0.2112:*:online:*:*:*:*:*
hp insight_diagnostics 7.8.0.2257 cpe:2.3:a:hp:insight_diagnostics:7.8.0.2257:*:online:*:*:*:*:*
hp insight_diagnostics 7.9.0.2359 cpe:2.3:a:hp:insight_diagnostics:7.9.0.2359:*:online:*:*:*:*:*
hp insight_diagnostics 7.9.1.2401 cpe:2.3:a:hp:insight_diagnostics:7.9.1.2401:*:online:*:*:*:*:*
hp insight_diagnostics 8.0.0.2587 cpe:2.3:a:hp:insight_diagnostics:8.0.0.2587:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.0.2718 cpe:2.3:a:hp:insight_diagnostics:8.1.0.2718:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.1.2784 cpe:2.3:a:hp:insight_diagnostics:8.1.1.2784:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.5.2890 cpe:2.3:a:hp:insight_diagnostics:8.1.5.2890:*:online:*:*:*:*:*
hp insight_diagnostics 8.2.0.3058 cpe:2.3:a:hp:insight_diagnostics:8.2.0.3058:*:online:*:*:*:*:*
hp insight_diagnostics 8.2.5.3157 cpe:2.3:a:hp:insight_diagnostics:8.2.5.3157:*:online:*:*:*:*:*
hp insight_diagnostics 8.3.0.3320 cpe:2.3:a:hp:insight_diagnostics:8.3.0.3320:*:online:*:*:*:*:*
hp insight_diagnostics 8.4.0.3521 cpe:2.3:a:hp:insight_diagnostics:8.4.0.3521:*:online:*:*:*:*:*
hp insight_diagnostics <= 8.5.0-11 cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*
hp insight_diagnostics 6.3.0-15 cpe:2.3:a:hp:insight_diagnostics:6.3.0-15:*:online:*:*:*:*:*
hp insight_diagnostics 6.3.1-1 cpe:2.3:a:hp:insight_diagnostics:6.3.1-1:*:online:*:*:*:*:*
hp insight_diagnostics 7.0.0-30 cpe:2.3:a:hp:insight_diagnostics:7.0.0-30:*:online:*:*:*:*:*
hp insight_diagnostics 7.0.1-8 cpe:2.3:a:hp:insight_diagnostics:7.0.1-8:*:online:*:*:*:*:*
hp insight_diagnostics 7.4.0-11 cpe:2.3:a:hp:insight_diagnostics:7.4.0-11:*:online:*:*:*:*:*
hp insight_diagnostics 7.5.0-14 cpe:2.3:a:hp:insight_diagnostics:7.5.0-14:*:online:*:*:*:*:*
hp insight_diagnostics 7.5.5-1 cpe:2.3:a:hp:insight_diagnostics:7.5.5-1:*:online:*:*:*:*:*
hp insight_diagnostics 7.6.0-23 cpe:2.3:a:hp:insight_diagnostics:7.6.0-23:*:online:*:*:*:*:*
hp insight_diagnostics 7.7.0-142 cpe:2.3:a:hp:insight_diagnostics:7.7.0-142:*:online:*:*:*:*:*
hp insight_diagnostics 7.8.0-159 cpe:2.3:a:hp:insight_diagnostics:7.8.0-159:*:online:*:*:*:*:*
hp insight_diagnostics 7.9.0-105 cpe:2.3:a:hp:insight_diagnostics:7.9.0-105:*:online:*:*:*:*:*
hp insight_diagnostics 7.9.1-15 cpe:2.3:a:hp:insight_diagnostics:7.9.1-15:*:online:*:*:*:*:*
hp insight_diagnostics 8.0.0-210 cpe:2.3:a:hp:insight_diagnostics:8.0.0-210:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.0-136 cpe:2.3:a:hp:insight_diagnostics:8.1.0-136:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.1-206 cpe:2.3:a:hp:insight_diagnostics:8.1.1-206:*:online:*:*:*:*:*
hp insight_diagnostics 8.1.5-311 cpe:2.3:a:hp:insight_diagnostics:8.1.5-311:*:online:*:*:*:*:*
hp insight_diagnostics 8.3.0-14 cpe:2.3:a:hp:insight_diagnostics:8.3.0-14:*:online:*:*:*:*:*
hp insight_diagnostics 8.3.1-105 cpe:2.3:a:hp:insight_diagnostics:8.3.1-105:*:online:*:*:*:*:*
hp insight_diagnostics 8.4.0-18 cpe:2.3:a:hp:insight_diagnostics:8.4.0-18:*:online:*:*:*:*:*

References for CVE-2010-4111

cvelogic Threat Intelligence